We have reviewed the Report of the Joint Policy Group for the Protection of Nuclear Weapons Design and Use Control Information and approve its recommendations.

Since 1993, when Secretary of Energy Hazel O'Leary announced an Openness Initiative, several reexaminations of the adequacy and effectiveness of protection measures for nuclear weapons information categorized as Restricted Data (RD) have been conducted by joint groups from our respective departments as well as the National Research Council. The Joint Policy Group evaluated prior recommendations on increased protection for the most sensitive RD, validated the requirement, and identified documents containing the most sensitive RD warranting enhanced protection.

If you approve the enclosed recommendations, our staffs will commence implementation while continuing to jointly seek further means of providing improved, consistent, and cost-effective protection for the Nation's most sensitive Restricted Data.

REPORT OF
THE JOINT POLICY GROUP FOR THE
PROTECTION OF
NUCLEAR WEAPONS DESIGN
AND USE CONTROL INFORMATION

DECEMBER 1, 2000

BACKGROUND

On August 28, 2000, the Department of Energy (DOE) and the Department of Defense (DoD)
established the Joint Policy Group for the Protection of Nuclear Weapons Design and Use Control Information. The charter of the Joint Policy Group (JPG) was to: (1) identify any nuclear weapon design and use control information requiring enhanced protection, (2) identify possible methods to provide such protection, and (3) make recommendations based on the threat, cost and operational impact of those methods. The group was to report on the results of its study and provide recommendations by December 1, 2000, after which it would disband. Participants in this study are listed at Annex A.

This group and its report are the culmination of years of effort to respond to a recommendation in the DOE Report of the Fundamental Classification Policy Review (FCPR) Group in 1997.1 The FCPR Group recommended that, while there is some Restricted Data that warrants declassification, there is also some Restricted Data that warrants increased protection. This recommendation was consistent with two previous reviews: A Review of the Department of Energy Classification Policy and Practice by the National Research Council2 and The Classification Policy Study by the Department of Energy (DOE) Office of Declassification. The DoD, the Department of State and other agencies concurred with the recommendations of the FCPR, and this led to the "higher fences" initiative. The idea of "higher fences" was also endorsed by the Commission on Protecting Government Secrecy, the Openness
Advisory Panel of the Secretary of Energy Advisory Board and the Technical Evaluation Panel (a panel of senior DOE scientists.)

2 A Review of the Department of Energy Classification Policy and Practice, National Research Council, National Academy Press, Washington, DC 1995 [copy available at http://books.nap.edu/books]

Renewed concerns for non-proliferation, results of the three studies and apparent recent losses and mishandling of nuclear-related information have given a high priority to ensuring the identification and protection of weapon design information, including design information on older and simpler weapons. Subsequent to the FCPR, DOE technology and classification experts, using a keystone approach, recommended that approximately 65 topics in CG-W-5,3 the Joint DOE/DoD Nuclear Weapon Classification Policy Guide, be given enhanced protection. One option identified for providing enhanced protection for this information was upgrading the classification of the information to Top Secret. Stakeholders within the DOE scientific and classification community and within the DoD expressed concern about the operational impact and cost of raising this information to Top Secret. That led to the chartering of the Joint Policy Group and this report.

The Atomic Energy Act of 1954, as amended, defines Restricted Data as meaning all data concerning (1) design, manufacture, or utilization of atomic weapons; (2) the production of special nuclear material; or (3) the use of special nuclear material in the production of energy, but shall not include data declassified or removed from the Restricted Data category pursuant to section 2162 of this title.4

4 42 United States Code 2014(y)

The Department of Energy issues regulations concerning access to Restricted Data and has published DOE Order 5610.2 that establishes the procedures for the control of weapon data.5

5 42 United States Code 2201 (i); and DOE Order 5610.2, Control of Weapon Data, 8-1-80

The Department of Defense issues and maintains separate policies and procedures governing access to and dissemination of Restricted Data by DoD personnel.6

6 42 United States Code 2163; and DoD Directive 5210.2, Access to and Dissemination of Restricted Data, January 12, 1978, with change 2 dated April 3, 1981

The policy of categorizing Restricted Data into defined subject groups is contained in DOE O 5610.2 and is known as the Sigma system. The intent of this categorization is to separate information into common work groups, and facilitate enforcement of strict need-to-know for information access. This system uses strict security, as denoted by required access markings, for sharply defined and narrowly scoped information. This approach was endorsed by the National Research Council report and supports cost effective resource management in both departments.

Access and Control of Restricted Data:

The DOE and DoD have authority from the Atomic Energy Act of 1954 (as amended) to establish policy and procedures for access to Restricted Data, and those policies have significant differences. Table 1 summarizes these approaches. DoD uses an access control caveat "Critical Nuclear Weapons Design Information" (CNWDI) for certain categories of Restricted Data to ensure that only persons specifically authorized and briefed for access to CNWDI gain access to it. DoD generated documents that contain CNWDI are clearly marked: "Critical Nuclear Weapon Design Information–DoD Directive 5210.2 Applies." Other DoD generated documents that do not contain CNWDI, but do contain Restricted Data are marked as "Restricted Data," but have no other special caveat. Portion marking in DoD originated documents provides further assistance in the authorized access and control of RD. The percentage of each marking by DOE or DoD, by category, is not available.

8 Investigation by National Agency Check, now expanded to include a local agency and credit check as of 1/99

Issue for the Joint Working Group:

The Joint Working Group was asked to respond to the conclusion of the FCPR that

"...strict, and perhaps higher, levels of security be maintained around the more sensitive material..." "Moreover, there exists a body of information within the Sigma 1 and 2 and Sigma 14 and 15 categories that warrants special protection, namely:

In response to this conclusion, two options were considered by both the FCPR Group and the Joint Policy Group:

"Creating a new subcategory (handling caveat) of RD... or Reclassifying this sensitive information to Top Secret so that existing procedures can be used to achieve enhanced protection."

Because the Sigma system is well established and both the DOE and the DoD have been using it to provide enhanced protection for Sigma 14 and 15 information, the Joint Policy Group decided that creating a new Sigma 16 would be a manageable and cost effective solution. Annex B provides the definition of Sigma 16. Also, because the security measures for Sigmas 14 and 15 are already established and implemented within both departments, the Group decided that similar, but not identical, measures should be implemented for Sigma 16. Those enhanced security measures are outlined at Annex C.

One of the provisions of the Group's charter was that the information would originate from a subset of CNWDI. To assist in the evaluation of options, a survey of DoD components and contractors was conducted to determine the number of personnel who have access to CNWDI, their clearance level, and the investigative basis. The survey also collected information on where CNWDI was likely to be stored or processed. This information was intended to assist the group in determining how many activities and contractors may be impacted by any enhanced protection option(s). In a separate request to information technology professionals, DoD also collected information on the estimated cost of upgrading communication and information systems to process information classified Top Secret. This information is at Annex E.

Based on the data in Annexes D and E, the Joint Working Group determined that creating a new Sigma category, Sigma 16,9 and providing enhanced security measures to that category yielded better security at a lower cost and with less negative impact on operations than upgrading information to Top Secret.

9 Sigma 16 is the next unused number, see DOE Order 5610.2, Control of Weapon Data, 08-01-80

Finally, the Joint Working Group determined that the current guidelines for protection of use control information designated Sigma 14 and 15 are sufficient.10

10 DOE Order 452.4, Security and Control of Nuclear Explosives and Nuclear Weapons, 06-05-97; and DOE Manual 452.4-1, Protection of Use Control Vulnerabilities and Designs, 07-01-99

CONCLUSIONS

The entire body of recommendations contained in the Higher Fences Working Group report, which was developed to support the recommendation of the Fundamental Classification Policy Review Group, cannot be implemented in a single block change. This is due to multiple issues including: physical protection criteria, personnel access control, and communication and information system security. Additionally, the higher fences report did not consider enhanced protection by means other than raising the classification of certain information to Top Secret.

Creating Sigma 16 will yield better security at a lower cost and with less negative impact on operations than upgrading information to Top Secret.

RECOMMENDATIONS

That a new Sigma category (Sigma 16) be created for RD documents identified in Annex B of this Report.

That enhanced security measures as identified in Annex C of this report, be required for Sigma 16 documents.

That a permanent Joint Group (membership dependent upon topic being discussed) be
established by the DoD, DOE, and NNSA for the purpose of determining documents requiring Sigma 16 protection.

ASSIGNMENT OF ACTIONS

Department of Defense:

Revise and republish DODD 5210.2.

Designate a single point of contact for Sigma 16 management.

Coordinate with the DOE on an implementation schedule for Sigma 16 management.

Execute a Memorandum of Agreement with DOE on the handling and protection of Sigma 16 documents, to include establishment of a joint group tasked with the responsibility of identifyng documents warranting Sigma 16 protection.

DOE/National Nuclear Security Administration:

Revise and republish DOE O 5610.2, with a manual and implementation guide.

Designate a Program Office for Sigma weapons data management.

Execute a Memorandum of Agreement with DoD on the handling and protection of Sigma 16 documents, to include establishment of a joint group tasked with the responsibility of identifying documents warranting Sigma 16 protection.

Coordinate with the DoD an implementation schedule for Sigma 16 management.

REFERENCES

Joint Policy Group for the Protection of Nuclear Weapons Design and Use Control Information Charter, August 28, 2000, General Eugene E. Habiger, USAF (Retired), DOE; Arthur L. Money, DoD.

The following individuals participated in the meetings of the joint DoD DOE working group that
addressed the issues presented in the JPG charter, and assisted in the development of this report.

Department of Energy
Office of Security and Emergency Operations
David A. Jones
Office of Nuclear and National Security Information
Roger Heusser
Finn Neilsen (Co-Chair)
National Nuclear Security Administration
Office of the Chief, Defense Nuclear Security
John C. Todd (Co-Chair)
Jon H. Todd
Office of Security Support (Defense Programs)
Bill Hensley
Office of Weapons Surety
Randall Weidman
Jay Tilden
Albuquerque Operations Office
Mike Spence
Jake Chavez
Sandia National Laboratories
Joe Morreale
John Lewis
George Novotny
Al West
Rodney Wilson
Lawrence Livermore National Laboratory
Bill Bookless
Kent Johnson
Maylene Wagner
Los Alamos National Laboratory
Tim Neal
Department of Defense
Office of the Assistant Secretary of Defense
(Command, Control, Communications and Intelligence)
Office of the Director, Defense Research and Engineering
Office of the Deputy Chief of Staff for Operations, U.S. Department of the Army
Office of the Chief of Naval Operations (NO9N2), U.S. Department of the Navy
Director, Strategic Systems Program Office, U.S. Department of the Navy
Office of the Deputy Chief of Staff for Air and Space Operations,
U.S. Department of the Air Force
Office of the Joint Chiefs of Staff
U.S. Strategic Command
Naval School Explosive Ordnance Disposal
Defense Threat Reduction Agency

ANNEX B

DEFINITION OF SIGMA 16

Detailed implementation of Sigma 16 will take place after agreement by the principal DOE and DoD officials to this approach. Sigma 16 is defined as follows:

Sigma 16:

a. Design specifications that permit the reproduction and function of the complete nuclear
assembly system or the primary and/or the secondary of a nuclear weapon.

Final released engineering drawings that depict the design specifications of the nuclear assembly system, primary and/or secondary of stockpiled weapons (past and present).

2. Examples of documents excluded from Sigma 16:

Generic illustrations, and

Engineering models used to define the interface between the physics package and other weapon components but which do not reveal internal design specifications of a primary or secondary.

b. A document that contains an aggregation of design information regarding a single or
multiple nuclear assembly system and that provides comprehensive insight into nuclear weapon capabilities, vulnerabilities, or design philosophies. Proposed documents will be reviewed and designated by a joint DoD/DOE group for a determination of Sigma 16 protection.

This category may include, but is not limited to the following documents:

"Biennial Weapons Program Report"

Some final weapon development reports (complete not executive summary or synopsis versions), or

7. Establish a central electronic database of persons authorized access to Sigma 16. It is
recommended that the Joint Personnel Adjudication System (JPAS) serve as the central electronic database for the DoD.

8. Establish a document registry to track "birth-to-death" accountability for each document.

9. Identification of a single point of contact [department facility coordinator] to ensure accountability of Sigma 16 documents.

1. *Indicates the organization included a count for contractors.
** Indicates the contractor count is based on visit requests.
***Indicates contractor personnel support in office.
***Indicates that the organization doesn't store or process CNWDI.

2. Other organizations did not include a count for contractors, anticipating DSS would be responsible for collecting that data.

3. DSS placed the data call on its website and requested contractors to respond voluntarily. Since the NISPOM does not require collecting and reporting this data, there is no requirement for contractors to respond to a data call; it's voluntary.

These can be mounted at the main distribution point, rather than on/in an individual PC, in order for small groups of people to share data. However, if you need to encrypt on a larger LAN there is a network encryption system @$25,000.

JOINT POLICY GROUP FOR THE PROTECTION OF
NUCLEAR WEAPONS DESIGN AND USE CONTROL INFORMATION

CHARTER

August 28, 2000

PURPOSE: The protection of nuclear weapon-related information is crucial to maintaining
the security of the United States. Since both the Department of Energy (DOE) and the
Department of Defense (DoD) are responsible for the security of such information,
corresponding programs are needed at both agencies to ensure continuity and
standardization where practical. Such continuity and standardization enhance the
protection of nuclear weapon-related information across the Government and benefit the
American taxpayer by establishing a more efficient and effective program. To that end, the
Joint Policy Group for the Protection of Nuclear Weapons Design and Use Control
Information (Joint Policy Group) has been established to determine how best to enhance
the protection of Restricted Data (RD) constituting the most sensitive nuclear
weapon-related information. Such information is a subset of all nuclear weapon design and
use control information. To accomplish this task, the Joint Policy Group will (1) study
current DoD and DOE policies for the classification and protection of nuclear weapon
design and use control information, (2) evaluate the effectiveness of these policies, and
(3) recommend whether and how these policies may be improved.

BACKGROUND: Under the Atomic Energy Act of 1954, as amended (the Act), the DOE
establishes the Government-wide identification, protection, and personnel security
programs for RD. Also under the Act, the DoD, which possesses the bulk of all RD outside
the DOE, establishes its own internal personnel security program for RD under its control.
Since both Departments have policy roles with respect to RD, and also have the
overwhelming majority of all RD in the government, cooperation in this study is imperative.

Formation of the Joint Policy Group to study the protection of nuclear weapons design and
use control information is not without precedent. In 1995, the DOE and DoD embarked on
the Fundamental Classification Policy Review (FCPR), a joint effort to comprehensively
review nuclear weapons-related classification policy to determine which information no
longer warranted protection in the post-Cold War era. The FCPR also identified a number
of specific nuclear weapons-related subject areas as being particularly sensitive. This
aspect of the FCPR is a starting point for the Joint Policy Group to identify what, if any,
information warrants enhanced protection.

OBJECTIVE: The objectives of the Joint Policy Group are to identify (1) any nuclear
weapon design and use control information requiring enhanced protection, (2) possible
methods to provide such protection, and (3) recommendations based on the threat, cost
and operational impact of those methods.

PROCESS: The Joint Policy Group may form and task subgroups, if needed. These
subgroups will be staffed by both DoD and DOE employees and contractors.

PRODUCT: The Joint Policy Group will provide a report containing the results of its study
and recommendations concerning the protection of nuclear weapons design and use
control information to the Director, Security and Emergency Operations, DOE and to the
Deputy Assistant Secretary of Defense (Intelligence), DoD.

Ultimately, although not a direct product of the Joint Policy Group, agency and national
publications may require changes to incorporate the accepted Joint Policy Group
recommendations.

DURATION: The Joint Policy Group will produce its final report and disband by December
1, 2000.

GROUP MEMBERS:

Department of Energy

Security and Emergency Operations Staff
Office of Nuclear and National Security Information staff

As outlined in the "Joint Policy Group for the Protection of Nuclear Weapons Design and Use Control Information Charter" which we signed on August 28, 2000, I am designating the following individuals as Department of Energy co-chairs of the Joint Policy Group: